Re: Pondering per-process vsyscall disablement

[Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>]

On Fri, May 30, 2014 at 1:20 PM, H. Peter Anvin <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org> wrote:
> On 05/30/2014 01:11 PM, Andy Lutomirski wrote:
>> On Fri, May 30, 2014 at 1:05 PM, H. Peter Anvin <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org> wrote:
>>> On 05/30/2014 01:00 PM, Andy Lutomirski wrote:
>>>>
>>>> Do the flags go in the ELF loader or in the executable we're running?
>>>> Or both (and, if both, do we and them or or them)?
>>>>
>>>> I think the interpreter makes a little more sense in general: for the
>>>> most part, use of vsyscalls is a property of the runtime environment,
>>>> not of the program being run.  But maybe this is naive.
>>>>
>>>
>>> They go into each object which becomes part of the running program, i.e.
>>> executable, dynamic libraries, and dynamic linker.
>>
>> Well, sure, but the kernel is not about to start reading ELF headers
>> in dynamic libraries.  So we need to make a decision based on the
>> interpreter and the executable.  The conservative approach is to
>> require both to have the flag set *and* to offer a prctl to twiddle
>> the flags.  Then userspace loaders can do whatever they want, and
>> distros get to rebuild the world :)
>>
>
> Yes, something like that.

I'll hack something up once the merge window closes.  Or maybe sooner
if you commit my vsyscall patches from a few days ago.  Otherwise I'm
just going to confuse my git tree too much :)

--Andy

>
>         -hpa
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-api" in
> the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html



-- 
Andy Lutomirski
AMA Capital Management, LLC